commit ff410edec04793d6d72f9961acd2f13a5ee3b9b5
Author: Mike Perry <mikeperry-git(a)torproject.org>
Date: Thu Feb 21 01:34:55 2019 +0000
Bug 29204: Inspect circuit queues before sending padding.
Mitigates OOM conditions at relays.
---
changes/bug29204 | 4 ++++
src/core/or/circuitpadding.c | 21 +++++++++++++++++----
2 files changed, 21 insertions(+), 4 deletions(-)
diff --git a/changes/bug29204 b/changes/bug29204
new file mode 100644
index 000000000..ec2cf67b2
--- /dev/null
+++ b/changes/bug29204
@@ -0,0 +1,4 @@
+ o Minor bugfixes (circuitpadding):
+ - Inspect circuit-level cell queue before sending padding, to avoid
+ sending padding while too much data is queued. Fixes bug 29204;
+ bugfix on 0.4.0.1-alpha.
diff --git a/src/core/or/circuitpadding.c b/src/core/or/circuitpadding.c
index 0dadc5213..ba6bfe1f5 100644
--- a/src/core/or/circuitpadding.c
+++ b/src/core/or/circuitpadding.c
@@ -61,6 +61,7 @@
#include "core/or/crypt_path_st.h"
#include "core/or/circuit_st.h"
#include "core/or/origin_circuit_st.h"
+#include "core/or/or_circuit_st.h"
#include "feature/nodelist/routerstatus_st.h"
#include "feature/nodelist/node_st.h"
#include "core/or/cell_st.h"
@@ -81,6 +82,7 @@ static double circpad_distribution_sample(circpad_distribution_t dist);
/** Cached consensus params */
static uint8_t circpad_global_max_padding_percent;
static uint16_t circpad_global_allowed_cells;
+static uint16_t circpad_max_circ_queued_cells;
/** Global cell counts, for rate limiting */
static uint64_t circpad_global_padding_sent;
@@ -1027,10 +1029,17 @@ circpad_send_padding_cell_for_callback(circpad_machine_state_t *mi)
} else {
// If we're a non-origin circ, we can just send from here as if we're the
// edge.
- log_fn(LOG_INFO,LD_CIRC,
- "Callback: Sending padding to non-origin circuit.");
- relay_send_command_from_edge(0, mi->on_circ, RELAY_COMMAND_DROP, NULL,
- 0, NULL);
+ if (TO_OR_CIRCUIT(circ)->p_chan_cells.n <= circpad_max_circ_queued_cells) {
+ log_fn(LOG_INFO,LD_CIRC,
+ "Callback: Sending padding to non-origin circuit.");
+ relay_send_command_from_edge(0, mi->on_circ, RELAY_COMMAND_DROP, NULL,
+ 0, NULL);
+ } else {
+ static ratelim_t cell_lim = RATELIM_INIT(600);
+ log_fn_ratelim(&cell_lim,LOG_NOTICE,LD_CIRC,
+ "Too many cells (%d) in circ queue to send padding.",
+ TO_OR_CIRCUIT(circ)->p_chan_cells.n);
+ }
}
rep_hist_padding_count_write(PADDING_TYPE_DROP);
@@ -1093,6 +1102,10 @@ circpad_new_consensus_params(const networkstatus_t *ns)
circpad_global_max_padding_percent =
networkstatus_get_param(ns, "circpad_global_max_padding_pct",
0, 0, 100);
+
+ circpad_max_circ_queued_cells =
+ networkstatus_get_param(ns, "circpad_max_circ_queued_cells",
+ CIRCWINDOW_START_MAX, 0, 50*CIRCWINDOW_START_MAX);
}
/**